The extended government shutdown, which began on midnight EST on Saturday, December 22nd, is reportedly leaving federal agencies wide open to cyber-attacks. The disparity between Congress and President Donald Trump continues as the President’s request for $5.7 billion in funding for a Southern boarder wall remains in dispute. The president maintains that we are facing a national security threat at the border, where illegal immigrants are pouring in, many of them dangerous and many more smuggling in drugs. The government remains shut down indefinitely, with both sides unwilling to back down.

In the meantime, the shutdown itself may be bringing on new security issues of a different sort. Federally contracted cybersecurity employees are among those not being paid, and the limited staff means lapses in maintaining and updating security certificates which leaves government information extremely vulnerable. While it is not known precisely how much the shutdown has affected the Homeland Security department’s mission to safeguard critical infrastructure, experts are concerned.

Netcraft, a UK-based web security company, found that dozens of US government websites’ security certificates have now expired. Departments such as NASA and the Department of Justice are now susceptible to hackers and malicious software, as per CNET. The certificates are meant to ensure that the information is properly encrypted, protecting sensitive information, and an expired certificate means the websites cannot access the tools to secure the sites. This results in an unsafe environment also for visitors of the websites, whose personal and payment information could be at risk.

“With so many cyber activities reliant on highly skilled contractors required to augment government personnel, government shutdowns significantly degrade the ability of the government function to meet all of their cyber mission requirements,” said Greg Touhill, president of Cyxtera Federal, a firm providing cybersecurity services to the government. He says security operations, software patching and testing for penetrations are some of the “essential functions” overdue thanks to the shutdown.

As per the New American Journal, federal agencies and departments are on the “hit-list for hackers, organizations that specialize in high-end security intrusions and nation-state actors,” said Tom Gann, chief of public policy at McAfee, the computer security company. “The first 24 hours between a hack and detection is vital. The longer a hack persists, the deeper it can infect,” he continued.

“I am not sleeping well,” says Tom Kellermann, chief cybersecurity officer for the vendor Carbon Black. “The U.S. is under siege by Chinese, Russian and North Korean cyber spies, and now we do not have sufficient watchers on the wall. We have never been this vulnerable to asymmetrical warfare.”

According to Kellermann, when the government finally reopens, the “first order of business will be to immediately conduct compromise assessments and suppress the adversaries who have infiltrated government systems.”